Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
1513393ccc23eefe657e0f3059499e99_JaffaCakes118
-
Size
183KB
-
Sample
241004-1y82mayejk
-
MD5
1513393ccc23eefe657e0f3059499e99
-
SHA1
38c2897ddc09896d445918c92fd4c15fe6655aa6
-
SHA256
a4dbe39f8b2c802207e0e229a2bc1ef5fd6ae6c2ea3b2b897d6cde1556ca26ee
-
SHA512
5c7ee1c56ccf2070856387b72da3551b4bc95832e83c94670dbc0f024d87b691ebd1925bf78416a52b83fc6dae7de376a2c1aa0c35bd9223f640970fff46cde4
-
SSDEEP
3072:LMqKbTtCSIT0chwzzcdZKF8UvvoeWofjjpAVioRF8s//NLj6h+EvtR9:Y9MMmwzlqUHoeWofjjpAViY/lH6h+Ev9
Malware Config
Targets
-
-
Target
1513393ccc23eefe657e0f3059499e99_JaffaCakes118
-
Size
183KB
-
MD5
1513393ccc23eefe657e0f3059499e99
-
SHA1
38c2897ddc09896d445918c92fd4c15fe6655aa6
-
SHA256
a4dbe39f8b2c802207e0e229a2bc1ef5fd6ae6c2ea3b2b897d6cde1556ca26ee
-
SHA512
5c7ee1c56ccf2070856387b72da3551b4bc95832e83c94670dbc0f024d87b691ebd1925bf78416a52b83fc6dae7de376a2c1aa0c35bd9223f640970fff46cde4
-
SSDEEP
3072:LMqKbTtCSIT0chwzzcdZKF8UvvoeWofjjpAVioRF8s//NLj6h+EvtR9:Y9MMmwzlqUHoeWofjjpAViY/lH6h+Ev9
Score10/10-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Adds Run key to start application
-
Drops file in System32 directory
-